Skip to main content

This is why you need to update your company AV now

(Image credit: Andriano.cz / Shutterstock)

As the US and Canada commemorate the start of National Cybersecurity Awareness Month, eSentire and Carbon Black have released a new Threat Intelligence Spotlight which highlights the increasing sophistication of modern malware.

The two firms created the latest Threat Intelligence Spotlight to provide all users, regardless of their technical knowledge, with a resource that can help them understand how malware works and the best ways to protect against its impact.

eSentire's Threat Intelligence Spotlight: The Shifting Framework of Modern Malware report was compiled using data gathered from Carbon Black's extensive endpoint protection install base along with information gleaned from the 650 mid-sized organizations eSentire protects.

Modern malware

By analyzing all of the data collected, security analysts from both companies found that the median number of variants within a malware family is around 10 and the largest number of variants within a family is over 200. The high number of malware variants makes detecting and stopping threats quite difficult for traditional endpoint security solutions.

eSentire and Carbon Black discovered that it takes almost 40 hours for the majority of legacy antivirus engines to detect some new forms of malware. In that time, users could easily be infected with the latest malware despite having the proper security solutions in place to deal with these kinds of threats.

The report also found that new variants of the Emotet malware can spread to unprotected hosts on the same network in just under 12 seconds. This major malware family only recently returned after taking a four month hiatus earlier this year.

In terms of how malware is spread, eSentire and Carbon Black's research noted that email is the main way in which malware infects organizations and over two-thirds (67%) of all malware that infects businesses does so via email.

Chief product officer at eSentire, Sean Blenkhorn provided further insight on the report's findings, saying:

"The global malware ecosystem has matured beyond nuisance-causing and attention-grabbing activities into a massive business, complete with markets, vendors and outsourcing. Education is the first step in being able to protect against malware, and our new Threat Intelligence Spotlight provides the perfect foundation for anyone who wants to understand this issue in more detail."